Redmine 0.7.3 released

Added by Jean-Philippe Lang over 16 years ago

Yet another bug fix release. See the Changelog for more details.
As Redmine 0.7.3 fixes several XSS vulnerabilities, users are highly encouraged to upgrade to this new release.

No database migration is needed when upgrading from previous 0.7.x versions.
This release is still running with Rails 2.0.2.

It can be downloaded at Rubyforge.

Comments

Added by Jean-Philippe Lang over 16 years ago

The vulnerability report at JVN: http://jvn.jp/en/jp/JVN00945448/index.html

Added by Mark Gallop over 16 years ago

Jean-Philippe,

Can you please indicate which commit fixes the XSS vulnerabilities? I would like to apply the changes to an custom version of Redmine.

Cheers,
Mark

Added by Jean-Philippe Lang over 16 years ago

See r1612.

Project

General

Profile

Redmine

Redmine 0.7.3 released

Comments

Added by Jean-Philippe Lang over 16 years ago

Added by Mark Gallop over 16 years ago

Added by Jean-Philippe Lang over 16 years ago